From d7b455ba1c8686c374f1a2e602571d456ea13653 Mon Sep 17 00:00:00 2001
From: lukinovec <lukinovec@gmail.com>
Date: Wed, 14 Dec 2022 15:44:09 +0100
Subject: [PATCH] Improve Sanctum integration guide

---
 source/docs/v3/integrations/sanctum.blade.md | 30 +++++++++++++++-----
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/source/docs/v3/integrations/sanctum.blade.md b/source/docs/v3/integrations/sanctum.blade.md
index d986dca..6e7ca4a 100644
--- a/source/docs/v3/integrations/sanctum.blade.md
+++ b/source/docs/v3/integrations/sanctum.blade.md
@@ -6,17 +6,33 @@ section: content
 
 # Laravel Sanctum {#sanctum}
 
-> Note that the `sanctum` auth guard can't be used with [user impersonation]({{ $page->link('features/user-impersonation') }}) because user impersonation supports stateful guards only.
+> Note: The `sanctum` auth guard can't be used with [user impersonation]({{ $page->link('features/user-impersonation') }}) because user impersonation supports stateful guards only.
 
-If you need to use the `csrf-cookie` route that Sanctum provides, you have to set up [universal routes]({{ $page->link('features/universal-routes') }}) in your app. Then, add `'routes' => false` to the `sanctum.php` config.
+### Sanctum's csrf-cookie route in the tenant app
 
-Finally, add the following code to `routes/tenant.php` (use tenancy initialization middleware of your choice):
+To make the `sanctum.csrf-cookie` route work in the tenant app, do the following:
+
+1. Add `'routes' => false` to the `sanctum.php` config
+2. Publish the Sanctum migrations and move them to `migrations/tenant`
+3. Make Sanctum not use its migrations in the central app by adding `Sanctum::ignoreMigrations()` to the `register()` method in your `AuthServiceProvider`
+4. Add the following code to `routes/tenant.php` to override the original `sanctum.csrf-cookie` route:
 
 ```php
 Route::group(['prefix' => config('sanctum.prefix', 'sanctum')], static function () {
-    Route::get('/csrf-cookie',[\Laravel\Sanctum\Http\Controllers\CsrfCookieController::class, 'show'])
-        // Use tenancy initialization middleware of your choice
-        ->middleware(['universal', 'web', \Stancl\Tenancy\Middleware\InitializeTenancyByDomain::class])
-        ->name('sanctum.csrf-cookie');
+    Route::get('/csrf-cookie', [CsrfCookieController::class, 'show'])
+        ->middleware([
+            'web',
+            InitializeTenancyByDomain::class // Use tenancy initialization middleware of your choice
+        ])->name('sanctum.csrf-cookie');
 });
 ```
+
+### Sanctum's csrf-cookie in both the central and the tenant app
+
+To use the `sanctum.csrf-cookie` route in both the central and the tenant apps:
+
+1. Follow the steps in the previous section ("Sanctum's csrf-cookie route in the tenant app")
+2. Set up [universal routes]({{ $page->link('features/universal-routes') }})
+3. Remove `Sanctum::ignoreMigrations()` from your `AuthServiceProvider`'s `register()` method
+4. Remove `'routes' => false` from the `sanctum.php` config
+5. Add the `'universal'` middleware to the `sanctum.csrf-cookie` route in your `routes/tenant.php`